xref: /freebsd/crypto/openssh/regress/agent-getpeereid.sh (revision d93a896ef95946b0bf1219866fcb324b78543444)
1*d93a896eSDag-Erling Smørgrav#	$OpenBSD: agent-getpeereid.sh,v 1.8 2017/01/06 02:51:16 djm Exp $
2ce3adf43SDag-Erling Smørgrav#	Placed in the Public Domain.
3ce3adf43SDag-Erling Smørgrav
4ce3adf43SDag-Erling Smørgravtid="disallow agent attach from other uid"
5ce3adf43SDag-Erling Smørgrav
6ce3adf43SDag-Erling SmørgravUNPRIV=nobody
7ce3adf43SDag-Erling SmørgravASOCK=${OBJ}/agent
8ce3adf43SDag-Erling SmørgravSSH_AUTH_SOCK=/nonexistent
9ce3adf43SDag-Erling Smørgrav
10ce3adf43SDag-Erling Smørgravif config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then
11ce3adf43SDag-Erling Smørgrav	:
12ce3adf43SDag-Erling Smørgravelse
13ce3adf43SDag-Erling Smørgrav	echo "skipped (not supported on this platform)"
14ce3adf43SDag-Erling Smørgrav	exit 0
15ce3adf43SDag-Erling Smørgravfi
16076ad2f8SDag-Erling Smørgravcase "x$SUDO" in
17076ad2f8SDag-Erling Smørgrav	xsudo) sudo=1;;
18076ad2f8SDag-Erling Smørgrav	xdoas) ;;
19076ad2f8SDag-Erling Smørgrav	x)
20076ad2f8SDag-Erling Smørgrav		echo "need SUDO to switch to uid $UNPRIV"
21076ad2f8SDag-Erling Smørgrav		exit 0 ;;
22076ad2f8SDag-Erling Smørgrav	*)
23076ad2f8SDag-Erling Smørgrav		echo "unsupported $SUDO - "doas" and "sudo" are allowed"
24076ad2f8SDag-Erling Smørgrav		exit 0 ;;
25076ad2f8SDag-Erling Smørgravesac
26ce3adf43SDag-Erling Smørgrav
27ce3adf43SDag-Erling Smørgravtrace "start agent"
28ce3adf43SDag-Erling Smørgraveval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
29ce3adf43SDag-Erling Smørgravr=$?
30ce3adf43SDag-Erling Smørgravif [ $r -ne 0 ]; then
31ce3adf43SDag-Erling Smørgrav	fail "could not start ssh-agent: exit code $r"
32ce3adf43SDag-Erling Smørgravelse
33ce3adf43SDag-Erling Smørgrav	chmod 644 ${SSH_AUTH_SOCK}
34ce3adf43SDag-Erling Smørgrav
35*d93a896eSDag-Erling Smørgrav	${SSHADD} -l > /dev/null 2>&1
36ce3adf43SDag-Erling Smørgrav	r=$?
37ce3adf43SDag-Erling Smørgrav	if [ $r -ne 1 ]; then
38ce3adf43SDag-Erling Smørgrav		fail "ssh-add failed with $r != 1"
39ce3adf43SDag-Erling Smørgrav	fi
40076ad2f8SDag-Erling Smørgrav	if test -z "$sudo" ; then
41076ad2f8SDag-Erling Smørgrav		# doas
42*d93a896eSDag-Erling Smørgrav		${SUDO} -n -u ${UNPRIV} ${SSHADD} -l 2>/dev/null
43076ad2f8SDag-Erling Smørgrav	else
44076ad2f8SDag-Erling Smørgrav		# sudo
45*d93a896eSDag-Erling Smørgrav		< /dev/null ${SUDO} -S -u ${UNPRIV} ${SSHADD} -l 2>/dev/null
46076ad2f8SDag-Erling Smørgrav	fi
47ce3adf43SDag-Erling Smørgrav	r=$?
48ce3adf43SDag-Erling Smørgrav	if [ $r -lt 2 ]; then
49ce3adf43SDag-Erling Smørgrav		fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
50ce3adf43SDag-Erling Smørgrav	fi
51ce3adf43SDag-Erling Smørgrav
52ce3adf43SDag-Erling Smørgrav	trace "kill agent"
53ce3adf43SDag-Erling Smørgrav	${SSHAGENT} -k > /dev/null
54ce3adf43SDag-Erling Smørgravfi
55ce3adf43SDag-Erling Smørgrav
56ce3adf43SDag-Erling Smørgravrm -f ${OBJ}/agent
57